using System;
using System.Web;
using System.Collections;
using System.Web.Services;
using System.Web.Services.Protocols;

using System.Data;
using System.Data.SqlClient;

/// <summary>
/// Summary description for SecurityCheck
/// </summary>
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class SecurityCheck : System.Web.Services.WebService {

    public SecurityCheck () {

        //Uncomment the following line if using designed components 
        //InitializeComponent(); 
    }

    [WebMethod]
    public DataSet CheckID(DateTime flt_date, string id_no, string uid,string sign,out int ret_code, out string ret_msg)
    {
        DataTable bufTab;

        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();
        string pwd, office;

        ret_code = 0;
        ret_msg = "";

        if (uid.Length > 30 || uid.Length < 1 || id_no.Length < 3 || id_no.Length > 30 ||  sign.Length > 50)
        {
            ret_code = -1;
            ret_msg = "Found invalid parameters!";
            return ds;
        }

        bufTab = (DataTable)MyCache.GetCache("airport:"+uid);
        if (bufTab == null)
        {
            try
            {
                cmd.CommandText = "crsi_secu_get_user_pwd_hash";
                para = cmd.Parameters.AddWithValue("@uid", uid);
                ret_code = TinyDAL.Exec(ref cmd, ref dt);
                ret_msg = "";
            }
            catch (Exception ex)
            {
                ret_msg = ex.Message;
                ret_code = -1;
                return ds;
            }
            if (dt.Rows.Count != 1)
            {
                ret_msg = "User Not found!";
                ret_code = -1;
                return ds;
            }
            MyCache.SetCache("airport:" + uid, dt, 507, 0);
            pwd = dt.Rows[0]["password"].ToString();
            office = dt.Rows[0]["office"].ToString();
        }
        else
        {
            pwd = bufTab.Rows[0]["password"].ToString();
            office = bufTab.Rows[0]["office"].ToString();
        }

        string inbuf = flt_date.ToString("yyyyMMdd") + "|" + id_no + "|" + uid + "|" + pwd;
        string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        if (outbuf != sign)
        {
            ret_msg = "Unauthorized!";
            ret_code = -1;
            return ds;
        }

        
        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //string pwd;
        //try
        //{
        //    cmd.CommandText = "crsi_secu_get_user_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", uid);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ds;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ds;
        //}
        //string inbuf = flt_date.ToString("yyyyMMdd") + "|" + id_no + "|" + uid +"|"+ dt.Rows[0][0].ToString().Trim();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ds;
        //}
        /////////////////////////////////////////////////////////

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "crsi_secu_check_pax_id";
            para = cmd.Parameters.AddWithValue("@flt_date", flt_date);
            para = cmd.Parameters.AddWithValue("@id_no", id_no);
            para = cmd.Parameters.AddWithValue("@uid", uid);
            //para = cmd.Parameters.AddWithValue("@pwd", pwd);

            //para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd, ref ds);
            if (ret_code == 0)
                ret_msg = "";
            else if (ret_code == 1)
                ret_msg = "Invalid user or password!";
            else if (ret_code == 2)
                ret_msg = "Invalid flight date!";
            else
                ret_msg = "Error:" + ret_code.ToString();
                
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ds;
    }

    
    
}

